Hey everyone,
I'm building a ticket app, where Users can but Tickets for Classes.
With each purchase, I want User to create a Ticket and update Class - to be precise reduce the amount of availableSpots by -1.
I'm having issues with Firestore Rules, since I technically want the Class owner be able to perform write operations. I don't want to give these rights to other Users, as logically - only Class organiser should be able to read it.
How can I "bypass" the security rules and update the Class document? What approach would you suggest?